Population

Search
Close this search box.

The value we create together

Safety on the Internet

Safety on the Internet

With the aim of preventive action and protection, we share important and useful information with you.

In this type of scam, scammers collect personal information from social media posts and websites to impersonate their victims through identity theft.

Scams in online reservations and purchases

Debit or credit card fraud most often occurs when an unauthorized person (fraudster) gains access to your card.

Safety on the Internet

With the aim of preventive action and protection, we share important and useful information with you. 


Business email compromise (BEC – Business Email Compromise) and email account compromise – (EAC – Email Account Compromise)

BEC/EAC is a type of computer crime in which a fraudster uses email to trick someone into sending money or confidential company information. We can say that BEC is a sophisticated fraud aimed at companies that work with foreign suppliers and that regularly make foreign payments through banks.

The fraud is carried out by compromising the business email account, through social engineering or hacking techniques to perform unauthorized fund transfers. The culprit/fraudster presents himself as a trustworthy person and then asks for the payment of a bill or the delivery of sensitive data, which he can use in the same or another scam.

Recommendation that when paying, the client confirms the payment instructions, by phone or in person, with a note that each change must be verified in different ways (email, phone, in person, or by mail).

The three most common types of BEC scams

Data theft

Sometimes scammers start by targeting human resources departments and stealing company information like someone’s schedule or personal phone number. Fraudsters also target profiles on social networks and thus collect information about workers. Then it is easier to perform one of the scams or BEC scam and make it more credible.

Fake invoice

Fraudsters use phishing or malware to gain access to a finance employee’s email account. The culprit poses as a legitimate supplier that your company works with, the scammer sends a fake invoice or invoice by email—which often looks like the real thing, the invoice number may be just one digit different. Or they may ask you to pay to another bank, claiming that the bank is under audit or that the funds will be available sooner at that other bank.

CEO fraud

Fraudsters either spoof or hack into CEO email accounts, then send instructions to employees to purchase or send money via electronic services. Scammers may ask an employee to buy a gift bank card gift card and then ask for photos of the serial numbers.

Recommendations for clients before executing a payment order:

Check who you are getting the invoice/order email from,
is the domain valid,
whether the sender’s address is correct,
whether the address is different,
avoid responding to suspicious emails,
avoid opening attachments if the sender is unknown,
do not click on links, links in emails,
pay attention to the spelling and formatting of the text itself,
make a return call, to a number you already know, NOT to the phone number from the invoice/order;
communicate exclusively with an authorized person, or the director of finance;
introduce the practice of checking the instructions coming from the supplier, confirmation of receipt thereof, order/invoice name, payment amount, payment currency, bank account number;
implement double authorization, while limiting employees who have access to payments;
perform additional control and confirm changes;

After confirmation, the client submits the order for payment; electronically or in person at the Bank’s counter.
Fraudsters use increasingly complex methods to attack individuals and companies, our goal is for our clients to recognize fraud attempts and not fall for them.
In the event that you believe the fraudster and execute the order, immediately notify the bank and file a report with the competent police authorities or the Ministry of Interior.

Online shopping

Important information for users:

Before using your payment cards online, i.e. paying via the Internet, check the security of the website through which you make the payment.
To avoid unauthorized use of your cards, you confirm each Internet payment by correctly entering the CVC code from the card
By entering the security code correctly, you confirm that you are the owner of the card, without which the online transaction could not be completed
Do not open links or respond to emails that appear to have suspicious content
By contracting the mBBI mobile banking service and the “Card Guard” option (providing preventive protection of card transactions), you can have complete control and prevention over various types of card transactions, transaction monitoring and the inclusion of warnings when performing a transaction. Or simply set your own desired parameters to control the card, receive alerts in real time and respond to warnings about possible malicious transactions. Proactively manage your payment cards 24h/365 without restrictions – debit, prepaid and credit cards using only an application on your smartphone, and set functionalities in all or only certain countries.

In no case is the bank responsible for the consequences that may arise as a result of using the card for transactions over the Internet, that is, you make any payment on the Internet at your own risk.

Protect your personal information so you don’t become a victim of online fraud

When paying online with payment cards, or in any other way, do not provide the front and back of the card, PIN codes or any data from the card (example: card number, card validity date, control number) in order to avoid attempts to misuse the cards.
Do not disclose information about your personal data to third parties (identity card number, passport number, JMBG, etc.) in order not to become a victim of fraud on the Internet.

Glossary

Phishing

It includes unauthorized e-mail messages or a new web browser window, the purpose of which is to obtain information on personal data of clients (identity card number, passport number, JMBG, etc.), as well as card data (card number, card validity date, control number).

Vhishing

A newer form of phishing that involves the unauthorized collection of customer and card data based on a phone call.

Email messages and phone calls

Do not respond to e-mails or phone calls that ask for personal or card information.
The bank will never ask you over the phone to communicate the full card number, PIN secret number, card expiration date or control number on the back of the card.
Do not open links or attachments and do not respond to e-mails with suspicious content.
Report any suspicious transaction

Security

BBI Bank continuously monitors its own card transactions. All BBI payment cards and the Bank’s security system are at the highest level, but each client is obliged to keep the card data, PIN number, security code, codes for the Bank’s e-services, etc., confidential.

For any additional questions, please contact us via e-mail: info@bbi.ba or via the free info phone number: 080 020 020.

Scams on social networks

In this type of scam, scammers collect personal information from social media posts and websites to impersonate their victims through identity theft. 

Any use of social networks is communication with the person who created a profile on social networks, the same cannot be considered his identity, in terms of the accuracy of that person’s personal data. The identity of a person on social networks is difficult to determine, because there are thousands and millions of them on social networks registered users, with a large number of profiles with the same or similar personal data. Only one is “real”, while all the others are “fake” profiles. It is necessary that you have different user data and password for each activity on the network/site. We recommend that you be careful when disclosing personal information. Please note that all information posted on social media is public and permanent.

Raffles

Raffles with incredible prizes are organized on social networks. If you see a sweepstakes on social media claiming to give away ten or more of the latest cell phones or laptops or motorbikes or vacations or cars, you can be sure it’s a scam.

Sweepstakes, in which you can “supposedly” get everything they state, you just need to like, comment and share, is not awarding a prize, because it does not exist – the goal is to obtain various forms of benefits for those who organize them. After you fall for it and post a comment, your information is extracted, in a way that scammers contact you via private messages and ask you to send a picture of your bank card or a picture of your ID. Or they often ask you to visit a link from a message attachment, the link looks like a legitimate page for more information, but in fact the scammers control that page and use it to steal sensitive information, such as bank card details, or passwords to access your devices.
Internet fraudsters promise valuable rewards to social network users, but actually try to rob them. Some of them intend to try to extract money from users, others work to steal personal data.

 

It is recommended that you report such prize games immediately.

 

Today, the following are very popular on social networks:
•    Stores of shoes and clothes, costume jewelry and jewelry,
•    Second-hand goods and furniture,
•    Help for victims of violence, help in treatment, help  “until we figure it out”,
•    Gifting or giving away “expensive” items,
•    Meeting soul mates, catch happiness,
different variations, all for the purpose of exploitation through the payment of upfront fees, romantic or directorial fraud.

Do not fall for anything that seems too good to be true, know that it is a scam. 

Three tips for spotting fake social media accounts

Three tips for recognizing fake accounts on social networks, before accepting someone as a friend;

 

1. Pay attention to content that is publicly available; Scammers often post memes, fake pictures, non-original pictures, avatar pictures. Posts do not contain much written content, and those that do have some information contain spelling/grammatical errors.

2. Perform an open account transparency analysis; ask an additional question about who is behind this account and what is posted on the account.

3. Do a quality check; fake social media accounts buy engagement, fake followers usually leave comments unrelated to the conversation. Check the follower and engagement ratios, how many posts actually have. If you follow a famous person, keep in mind that famous people also have fake followers and are often targeted by fraudsters.

 

Recommendation for safer use of social networks:

Separate username and password on social networks, from user logins to computer, email and  bank accounts/data.
Don’t use the same username and password for social media logins as you use to access your bank accounts.
Never share personal information such as username, PIN or account numbers on social networks.
Create a username that doesn’t reveal too much about you.
Be careful when clicking on links or external links.
Only post information that you are comfortable with others, including strangers, seeing.

Let personal information stay personal.
Use privacy settings to limit access to information.
Never post information that could help thieves steal your identity, such as your address, phone number, or even employment information.

The bank will NEVER ask you for confidential information by phone and/or e-mail and/or SMS.
Do not share with third parties YOUR access data for electronic services, photos of your debit or credit card, card PIN, CVV/Control number. This information is known only to you. 

In case of misuse, please contact us via e-mail: info@bbi.ba or via the free info phone number: 080 020 020.
Your Bosna Bank International d.d. Sarajevo

Scams when shopping online

We all can’t wait for the annual vacation, we look at the offers for the most affordable accommodation, we search for the cheapest plane tickets, trips and destinations, and we are often attracted by advertising messages with bombastic titles.

Sale – Sale – Bargain – Offer Expiring in 15 Minutes – Don’t Miss Out

We urge you to PAY SPECIAL ATTENTION, because in most cases, product or service offers that seem too good to be true, most often turn out to be scams!

Every day we can notice fake websites for booking travel and accommodation, all at the best and most affordable prices.

Scammers on the Internet are becoming more and more sophisticated, using all available methods to attract attention, as well as opening in new windows (pop-up windows) of the Internet browser that display advertisements to lure you to visit fake websites that look just as good as legitimate ones.

Here are some useful tips and recommendations:

CHECK IF THE WEBSITE CONTAINS AN SSL CERTIFICATE

The first thing you need to do is to check the web domain name. The URL starts with “https” followed by a padlock icon, also known as an SSL certificate. Nowadays, most web browsers give a warning when a website is not secure.

PAY SPECIAL ATTENTION WHEN PAYING ON WEBSITES

Paying with payment cards through the website may take you to one of the phishing websites and thus you may become a victim of fraud. Beware of paying through third-party platforms. A common tactic of scammers is to lure you away from a trusted booking platform by offering a better price on a third page with the description that it’s an offer you don’t want to miss. The scam starts the moment you see a message or a post from an official site that offers an example: BENEFIT two free tickets with accommodation in an exclusive hotel”, after you click on the link. Clicking on the link opens a new Internet window, and that’s when you are redirected to the site third party “phishing” that is not related to the official site..  But scammers use them to trick you.

Some of the web pages may be just a copy of the actual verified pages. Once you click the link or download the app to take advantage of the offer, you risk giving your personal information to fraudsters who could steal your identity.

CHECK THE REVIEWS

To pay online or book accommodation, use verified sites, check reviews and, of course, reputation. Also check if what they advertise corresponds to the actual location, e.g. via Google Maps. If you notice that the reviews are written in a very incomprehensible, grammatically incorrect or slightly generic way (they are all similar), there is a high probability that you have come across a scam site. It’s always better to triple check than to be scammed.

KEEP PERSONAL RECORDS

For every online payment, keep personal records, take a screenshot, so that you have an accurate view of the date, time and minutes of the card payment. It’s easier to pay by card than to carry cash, but after paying it’s important to keep the slips until you get the statement. Then, with the slips, you do the payment control, because maybe somewhere, in some store, some transaction was calculated twice.

It is certainly our recommendation that you follow the statements of all changes to the account resulting from the use of the card, including monthly obligations resulting from the use of the card, membership fee, registration fee and other fees that may arise from use.

DO NOT LEAVE PAYMENT CARDS UNATTENDED

Do not leave the card unattended, because the card data and CVV/CVC code can easily be copied and stolen. Never keep your security PIN and card in the same place. If the payment requires entering a PIN, cover the numbers with your hand when typing.

CHECK STATEMENTS REGULARLY

Our advice is to regularly check the statements and if you notice any discrepancy, contact us via e-mail address: info@bbi.ba or via the free info telephone number: 080 020 020.

Useful information:

By using the mobile banking service mBBI* and the Card Guard mobile application, you can proactively protect your card transactions. It is ideal for use on vacation or travel. With the simple activation of the card in the country where you are staying, after returning, deactivate the card for use in that country, thus protecting yourself from unauthorized use of the card after the trip is over. This application provides and enables the user to:

complete control and prevention of various types of card transactions, monitoring of transactions and inclusion of warnings during the transaction
setting desired parameters for card control, receiving alerts in real time and responding to warnings about possible malicious transactions
cards to independently and proactively manage 24h/365 with all your cards without limits – debit, prepaid and credit cards using only an application on your smartphone
setting with functional cards in all or only certain countries

See more information about this app HERE

Scams when shopping online

We all can’t wait for the annual vacation, we look at the offers for the most affordable accommodation, we search for the cheapest plane tickets, trips and destinations, and we are often attracted by advertising messages with bombastic titles.

Sale – Sale – Bargain – Offer Expiring in 15 Minutes – Don’t Miss Out

We urge you to PAY SPECIAL ATTENTION, because in most cases, product or service offers that seem too good to be true, most often turn out to be scams!

Every day we can notice fake websites for booking travel and accommodation, all at the best and most affordable prices.

Scammers on the Internet are becoming more and more sophisticated, using all available methods to attract attention, as well as opening in new windows (pop-up windows) of the Internet browser that display advertisements to lure you to visit fake websites that look just as good as legitimate ones.

Here are some useful tips and recommendations:

CHECK IF THE WEBSITE CONTAINS AN SSL CERTIFICATE

The first thing you need to do is to check the web domain name. The URL starts with “https” followed by a padlock icon, also known as an SSL certificate. Nowadays, most web browsers give a warning when a website is not secure.

PAY SPECIAL ATTENTION WHEN PAYING ON WEBSITES

Paying with payment cards through the website may take you to one of the phishing websites and thus you may become a victim of fraud. Beware of paying through third-party platforms. A common tactic of scammers is to lure you away from a trusted booking platform by offering a better price on a third page with the description that it’s an offer you don’t want to miss. The scam starts the moment you see a message or a post from an official site that offers an example: BENEFIT two free tickets with accommodation in an exclusive hotel”, after you click on the link. Clicking on the link opens a new Internet window, and that’s when you are redirected to the site third party “phishing” that is not related to the official site..  But scammers use them to trick you.

Some of the web pages may be just a copy of the actual verified pages. Once you click the link or download the app to take advantage of the offer, you risk giving your personal information to fraudsters who could steal your identity.

CHECK THE REVIEWS

To pay online or book accommodation, use verified sites, check reviews and, of course, reputation. Also check if what they advertise corresponds to the actual location, e.g. via Google Maps. If you notice that the reviews are written in a very incomprehensible, grammatically incorrect or slightly generic way (they are all similar), there is a high probability that you have come across a scam site. It’s always better to triple check than to be scammed.

KEEP PERSONAL RECORDS

For every online payment, keep personal records, take a screenshot, so that you have an accurate view of the date, time and minutes of the card payment. It’s easier to pay by card than to carry cash, but after paying it’s important to keep the slips until you get the statement. Then, with the slips, you do the payment control, because maybe somewhere, in some store, some transaction was calculated twice.

It is certainly our recommendation that you follow the statements of all changes to the account resulting from the use of the card, including monthly obligations resulting from the use of the card, membership fee, registration fee and other fees that may arise from use.

DO NOT LEAVE PAYMENT CARDS UNATTENDED

Do not leave the card unattended, because the card data and CVV/CVC code can easily be copied and stolen. Never keep your security PIN and card in the same place. If the payment requires entering a PIN, cover the numbers with your hand when typing.

CHECK STATEMENTS REGULARLY

Our advice is to regularly check the statements and if you notice any discrepancy, contact us via e-mail address: info@bbi.ba or via the free info telephone number: 080 020 020.

Useful information:

By using the mobile banking service mBBI* and the Card Guard mobile application, you can proactively protect your card transactions. It is ideal for use on vacation or travel. With the simple activation of the card in the country where you are staying, after returning, deactivate the card for use in that country, thus protecting yourself from unauthorized use of the card after the trip is over. This application provides and enables the user to:

complete control and prevention of various types of card transactions, monitoring of transactions and inclusion of warnings during the transaction
setting desired parameters for card control, receiving alerts in real time and responding to warnings about possible malicious transactions
cards to independently and proactively manage 24h/365 with all your cards without limits – debit, prepaid and credit cards using only an application on your smartphone
setting with functional cards in all or only certain countries

See more information about this app HERE

About us

Bosna Bank International d.d. Sarajevo